Re: [Govpn-devel] Govpn-devel Digest, Vol 5, Issue 3

public inbox for govpn-devel@lists.cypherpunks.ru
Atom feed
From: Gary <kingtopest9000@gmail•com>
To: govpn-devel@lists.cypherpunks.ru
Subject: Re: [Govpn-devel] Govpn-devel Digest, Vol 5, Issue 3
Date: Tue, 24 Nov 2015 16:32:09 +0800	[thread overview]
Message-ID: <CAEwfFSjePoX2JLLA6dN-H3jEr2iPYDHFu5qbLpU0f2CRQX9ZvA@mail.gmail.com> (raw)
In-Reply-To: <mailman.1.1442912400.73456.govpn-devel@lists.cypherpunks.ru>

[-- Attachment #1: Type: text/plain, Size: 6013 bytes --]

HI,
Thanks a lot! But how to configure it on VPS?
And I still cannot understand very much for building up.sh script.

thanks a lot for help!

2015-09-22 17:00 GMT+08:00 <govpn-devel-request@lists•cypherpunks.ru>:

> Send Govpn-devel mailing list submissions to
>         govpn-devel@lists.cypherpunks.ru
>
> To subscribe or unsubscribe via the World Wide Web, visit
>         http://lists.cypherpunks.ru/mailman/listinfo/govpn-devel
> or, via email, send a message with subject or body 'help' to
>         govpn-devel-request@lists•cypherpunks.ru
>
> You can reach the person managing the list at
>         govpn-devel-owner@lists•cypherpunks.ru
>
> When replying, please edit your Subject line so it is more specific
> than "Re: Contents of Govpn-devel digest..."
>
>
> Today's Topics:
>
>    1. Re: How to install and config govpn on server &   client?
>       (stargrave@stargrave•org)
>
>
> ----------------------------------------------------------------------
>
> Message: 1
> Date: Mon, 21 Sep 2015 12:04:28 +0300
> From: stargrave@stargrave•org
> To: govpn-devel@lists.cypherpunks.ru
> Subject: Re: [Govpn-devel] How to install and config govpn on server &
>         client?
> Message-ID: <20150921090428.GA7282@stargrave•org>
> Content-Type: text/plain; charset="us-ascii"
>
> Greetings!
>
> >How to install and config govpn on server & client?  I need details info
> >about that.
>
> I hope that example here: http://www.cypherpunks.ru/govpn/Example.html
> should help.
>
> Initially you must generate client's identity and password verifier. I
> recommend to use trivial script newclient.sh that comes in distribution:
>
>     client% ./utils/newclient.sh Mylove
>     Enter passphrase:[hello world]
>     Your id is: 35180231a9532325f24d37352a044dd7
>
>     Place the following JSON configuration entry on the server's side:
>
>         "35180231a9532325f24d37352a044dd7": {
>             "name": "Mylove",
>             "up": "/path/to/up.sh",
>             "verifier":
> "6f7657776fcc7ce0128138ad78b7438cd482ef77abf79df41e1b51568aefc390"
>         }
>
>     Verifier was generated with:
>
>         ./utils/storekey.sh /tmp/passphrase
>         govpn-verifier -id 35180231a9532325f24d37352a044dd7 -key
> /tmp/passphrase
>
>     Create up.sh script that will output on the first line TAP interface
>     name that must be used for the peer. For example:
>
>         % umask 077
>         % ed /path/to/up.sh
>         a
>         #!/bin/sh
>         echo tap0
>         .
>         wq
>         20
>         % chmod +x /path/to/up.sh
>
> Then you must add this JSON entry in peers.json (default filename for
> server configuration) on the server side:
>
>     server% cat > peers.json <<EOF
>     {
>         "35180231a9532325f24d37352a044dd7": {
>             "name": "Mylove",
>             "up": "/home/stargrave/mylove-up.sh",
>             "verifier":
> "6f7657776fcc7ce0128138ad78b7438cd482ef77abf79df41e1b51568aefc390"
>         }
>     }
>     EOF
>
> And prepare you network with creating of up-script. For example I assume
> that tap2 network interface is dedicated to that peer. Create it with
> native operating system utilities. For example (under FreeBSD):
>
>     server# ifconfig tap2 create
>     server# ifconfig tap2 inet 10.10.10.1/24 mtu 1412 up
>     server# chown stargrave /dev/tap2
>     server% umask 077
>     server% cat > /home/stargrave/mylove-up.sh <EOF
>     #!/bin/sh -e
>     echo tap2
>     echo "Mylove is connected" | mailx -s "Connection event"
> root@stargrave•org
>     EOF
>     server% chmod +x /home/stargrave/mylove-up.sh
>
> up-script must print TAP interface name that on the first line (others
> are ignored). You may even create it inside that script.
>
> Then you can start server up. I use that command:
>
>     % ./govpn-server -bind :1193 -stats '[::1]:5678' -proto all
>
> My server is already up. If I changed JSON file, then it will once a
> minute refresh it and add appeared peers:
>
>     2015/09/21 11:55:49.134609 identify.go:83: Adding key
> 35180231a9532325f24d37352a044dd7
>
> Server is ready. You can run your client. At first you have to save you
> passphrase in some temporary file:
>
>     client% umask 077
>     client% ./utils/storekey.sh /tmp/mypassphrase
>     Enter passphrase:[hello world]
>
> create TAP interface on the client's side:
>
>     client# ifconfig tap0 create
>     server# ifconfig tap0 inet 10.10.10.2/24 mtu 1412 up
>     server# chown stargrave /dev/tap0
>
> For example I call rtsol utility to receive IPv6 address solicitation,
> so I will create up-script that will take interface name as a first
> argument and run this utility:
>
>     client% cat > /tmp/up.sh <<EOF
>     #!/bin/sh
>     /sbin/rtsol $1
>     EOF
>     clien% chmod +x /tmp/up.sh
>
> and run client itself:
>
>     client% govpn-client -iface tap0 -id 35180231a9532325f24d37352a044dd7
> -key /tmp/mypassphrase -remote X.X.X.X:1193 -up /tmp/up.sh
>     2015/09/21 12:01:49.888625 identify.go:83: Adding key
> 35180231a9532325f24d37352a044dd7
>     2015/09/21 12:01:49.888838 main.go:86: GoVPN version 4.0 built with
> go1.5.1
>     2015/09/21 12:01:49.889063 main.go:93: Max MTU on TAP interface: 1412
>     2015/09/21 12:01:49.889513 udp.go:39: Connected to UDP:X.X.X.X:1193
>     2015/09/21 12:01:49.900517 udp.go:89: Handshake completed
>
> --
> Happy hacking, Sergey Matveev
> -------------- next part --------------
> A non-text attachment was scrubbed...
> Name: not available
> Type: application/pgp-signature
> Size: 801 bytes
> Desc: not available
> URL: <
> http://lists.cypherpunks.ru/pipermail/govpn-devel/attachments/20150921/293f7ca2/attachment-0001.bin
> >
>
> ------------------------------
>
> Subject: Digest Footer
>
> _______________________________________________
> Govpn-devel mailing list
> Govpn-devel@lists•cypherpunks.ru
> http://lists.cypherpunks.ru/mailman/listinfo/govpn-devel
>
>
> ------------------------------
>
> End of Govpn-devel Digest, Vol 5, Issue 3
> *****************************************
>

[-- Attachment #2: Type: text/html, Size: 8438 bytes --]

next      parent reply	other threads:[~2015-11-24  8:32 UTC|newest]

Thread overview: 2+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
     [not found] <mailman.1.1442912400.73456.govpn-devel@lists.cypherpunks.ru>
2015-11-24  8:32 ` Gary [this message]
2015-11-24 11:05   ` [Govpn-devel] VPS configuration stargrave